Electron Cryptography


#1

I was looking to build an application using the Electron framework, but I have a bit of a unique requirement. I need to use a specific version / build of openssl that would also affect libcurl and websockets (ws). Specifically, I am building an openssl engine to extend the libraries functionality. This, of course, means a separate library build of openssl that the stock ‘npm i openssl’ would not have. Is there a way to supply the application with a different library static or shared object file than the one that comes with Electron? Or would I have to create my own node module?

Also, if I was able to update / change the openssl library, would that mean that all modules within the application that use cryptography would then use this updated openssl library as well? Or would things like curl and ws still whatever is supplied by Electron?

Thanks.


#2

After some future reading / research, I think what I have to do is build Node.js from source that points to my “version” of openssl. Is this correct?


#3

If you need some custom functionality, it is probably best to build your own Node module and then use it like any other module. Then you don’t need to worry about whether things will conflict or not.


#4

Thank you for the suggestion. I do not really need custom functionality, I more just need to use a specific version of OpenSSL.

Over on the electron slack channel, marshallofsound said that I would need to rebuild libchromiumcontent (LCC) that linked against my version of OpenSSL. I have been exploring that today, however, I haven’t been able to make much progress as it is taking forever to build LCC.

I do have a follow up question. If my application were to use the ajax node module, would ajax be using Node.js’s crypto library? Or would it use LCC’s crypto library (in this case, my specific version of OpenSSL)?


#5

I don’t know the answer to that, unfortunately.